Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Emc Subscribe
Filtered by product Rsa Netwitness
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-11061 1 Emc 2 Rsa Netwitness, Rsa Security Analytics 2019-10-09 9.0 HIGH 9.1 CRITICAL
RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration of the template engine used in the product. A remote authenticated malicious RSA NetWitness Server user with an Admin or Operator role could exploit this vulnerability to execute arbitrary commands on the server with root privileges.
CVE-2014-0643 1 Emc 2 Rsa Netwitness, Rsa Security Analytics 2018-12-12 7.6 HIGH N/A
EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid account name.